CVE-2026-42608 | grav up to 1.74.2 FormFlash path traversal

Inserito da Angelo Barbosa | Mag 6, 2026 | CVE

A vulnerability labeled as critical has been found in grav. Affected is an unknown function of the component FormFlash. Executing a manipulation can lead to path traversal.

The identification of this vulnerability is CVE-2026-42608. The attack may be launched remotely. There is no exploit available.

The affected component should be upgraded.

CVE-2026-42608 | grav up to 1.74.2 FormFlash path traversal

Post correlati

CVE-2025-30519 | Dover Fueling Solutions ProGauge MagLink LX 4 weak credentials (icsa-25-261-07)

CVE-2024-50400 | QNAP QTS/QuTS hero format string (qsa-24-43)

CVE-2026-7645 | ruvnet sublinear-time-solver 1.5.0 MCP Interface server.js export_state path traversal (Issue 19)

CVE-2022-43934 | Brocade SANnav up to 2.2.1 risky encryption